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- The MAILING DATE of this communication appears on the cover sheet with th correspondence address -- 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )□ Responsive to communication(s) filed on . 



2a)D This action is FINAL. 2b)M This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 
Disposition of Claims 

4) ^ Claim(s) 1-42 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) S Claim(s) 1-42 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner, 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 185(a). 

1 1) D The proposed drawing correction filed on is: a)D approved b)D disapproved by the Examiner. 

If approved, corrected drawings are required in reply to this Office action. 

12) D The oath or declaration is objected to by the Examiner. 
Priority under 35 U.S.C. §§119 and 120 

13) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 

a)DAII b)D Some*c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

14) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 119(e) (to a provisional application). 

a) □ The translation of the foreign language provisional application has been received. 

15) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121 . 
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DETAILED ACTION 
Claim Rejections - 35 USC § 102 

1 . The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

2. Claims 1 , 4-14, 18-22, 24-25, 27-28, 30-36 and 38-41 are rejected under 35 
U.S.C. 102(b) as being anticipated by Lin et al (6,052,785) (hereinafter Lin). 

Regarding claims 1, 6-10, 12, 22, 24 and , Lin discloses a mechanism for 
accessing securely remote data repositories (corresponding to the recited target server) 
by a client (see, for example, column 3, lines 41-51 and column 4, lines 54-67). The 
client request for accessing a file system is intercepted by a gateway server that 
corresponds to the recited proxy server (see, for example, column 6, lines 27-59). The 
client credentials (corresponding to the recited profile information) is used to 
authenticate the user by sending it to the file system server for authentication along with 
the user request (corresponding to the recited appending the profile information to the 
data request) (see, for example, column 3, lines 52-62, column 4, lines 30-38, column 7, 
lines 20-40 and column 8, line 57-column 9, line 24). Lin's system also provides for 
secure communications and encrypts the client request and credentials (see, for 
example, column 2, lines 7-12, column 7, lines 25-41 and column 8, lines 1-9). The 
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client and the web server negotiate the method of encryption and the key exchange 
process before the data transmission (see, for example, column 5, lines 62-67). 

Regarding claims 4, 5 and 28, these claims are rejected as applied to the like 
elements of claim 1 above and further the following: 

Lin discloses that the client credentials (profile information) are stored in and 
retrieved from a designated database based on the client identifier (see, for example, 
abstract, column 4, lines 34-35 and column 5, lines 51-56) and further Lin discloses that 
the middle tier server (proxy server) is coupled to the network via a network interface 
(see Figs. 1 and 2). 

Regarding claim 1 1, Lin discloses that the client utilizes a web browser to make 
HTTP requests (see, for example, column 1 , lines 46-59) from the web server which is a 
HTTP server (see, for example, column 5, lines 57-60). 

Regarding claims 13-14, 18-21, 25, 27 and 30-32, these claims are rejected as 
applied to the like elements of claims 6-10 above and further the following: 

Lin discloses that the middle tier server which includes gateways (corresponding 
to the recited proxy server) receives an SSL (encrypted) request for data access from 
user (see, for example, column 2, lines 52-56, column 6, lines 27-29). If the request is 
for accessing remote data then the request is transmitted to the remote data repository 
that corresponds to the recited information server (see, for example, column 7, lines 10- 
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13 and Figs. 4 and 5). At the remote data repository the client credentials (profile 
information) is extracted from the encrypted request to process client request and to 
prepare a response (see, for example, column 7, line 42-column 8, line 9). 

Regarding claims 33, 36 and 38, these claims are rejected as applied to the like 
elements of claim 1 above and further the following: 

Lin discloses that at the middle tier server (corresponding to the recited proxy 
server), it is determined that to which remote data repository (corresponding to the 
recited target server), the client request should be sent (see, for example, column 2, 
lines 41-56 and column 5, lines 14-34). Lin also discloses that a database called the 
security hash table is queried for the client credentials (profile information) with regard 
to communication between client and web server (see, for example, column 8, lines 51- 
56). 

Regarding claims 34-35 and 39-40, these claims are rejected as applied to the 
like elements of claims 6-10 above. 

Regarding claim 41 , this claim is rejected as applied to the like elements of claim 
36 above. 
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Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 2-3, 15-17, 23, 26, 29, 37 and 42 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Lin et al (6,052,785) (hereinafter Lin) in view of Uhler et al 
(2001/0039587 A1) (hereinafter Uhler). 

Regarding claims 2, 3, 23, 29 and 37, Lin does not expressly disclose the use of 
a reference token to be sent to the target server along with the subsequent client 
requests. Uhler, however, teaches a method for accessing web server by a client 
through a proxy server that uses a cookie (corresponding to the recited reference token) 
(see, for example, page 6, [0093]-[0094], Fig. 2 and Fig. 4). The cookie is received from 
the web server and it is transmitted back to the web site with the subsequent client 
requests. The cookie is used to determine if the client has the proper authentication. 
The cookie is sent to the client by the web server based on the initial authentication of 
the client which is associated with the credentials of the client. 

It would have been obvious to a person of ordinary skill in the art, at the time the 
invention was made, to implement the use of cookie (token) as taught in Uhler in the 
system of Lin, because the steps of authenticating the client would not be repeated in 
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the subsequent client attempts to access the web site (see Uhler, page 6, [0093] and 
Lin, column 3, lines 16-32). 

Regarding claim 15, this claim is rejected as applied to the like elements of claim 
13 above and further the following: 

Uhler teaches that the HTTP web server uses common gateway interface to 
handle the client request (see, for example, page 2, [0028]). 

Regarding claim 16, this claim is rejected as applied to the like elements of claim 
13 above and further the following: 

Uhler teaches that the web server sends a cookie (corresponding to the recited 
reference token) along with the response to the client (see, for example, page 6, 
[0093]). 

Regarding claim 17, this claim is rejected as applied to the like elements of 
claims 2 and 13 above. 

Regarding claims 26 and 42, these claims are rejected as applied to the like 
elements of claims 2 and 1 3 above and further the following: 

Lin discloses that the remote data repository (web server) stores the extracted 
client credentials (see column 7, line 60-column 8, line 9). 
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Conclusion 

5. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

US Patent No. 6,487,538 B1 to Gupta et al. 

US Patent No. 5,991,810 to Shapiro et al. 

6. Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Abdulhakim Nobahar whose telephone number is 
703-305-8074. The examiner can normally be reached on M-F 8-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 703-305-1830. The fax phone number 
for the organization where this application or proceeding is assigned is (703) 872-9306. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is 703-305- 
3900. 



Abdulhakim Nobahar 

Examiner 

Art Unit 21 32 
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GILBERTO BARRON 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 




